Phishing Attacks

Be the "phish" that got away!

What is a phishing attack?

Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts. These attacks can even appear to come from a colleague or friend you know.

Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year, such as:

• natural disasters 
• epidemics and health scares (e.g., H1N1)
• economic concerns (e.g., IRS scams)
• major political elections
• holidays

They may also appear to come from internal departments or be marked as urgent:

• Help Desk Notice
This phish shows how little effort most culprits put into disguising the message: phishing messages are often originally drafted for another school or school district. If it had come from lexcs, it would include your ticket number and the lexcs domain and would relate to an issue you recently reported.

• Google Docs Download (in the subject line)
This phish example attempts to trick the recipient into clicking a link to a malicious website by presenting it as a link to download a Google Doc.

• Urgent
Any email marked Urgent that contains a link should be treated as suspicious. This is a common way of getting the recipient to respond quickly before thinking it through.

How do you avoid being a victim?

• Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, verify his or her identity directly with the company.

• Do not provide personal information about your organization, including its structure or networks, unless you are certain of a person's authority to have the information. 

• Do NOT reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email. IF YOU ARE ASKED FOR PERSONAL INFORMATION, REPORT THIS TO YOUR SUPERVISOR, even if the request appears to be coming from your supervisor. You should personally speak with that supervisor and make him/her aware of the request. (See Protecting Your Privacy for more information.)

• Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).

• If you are unsure whether an email request is legitimate, try to verify it by contacting the company or the sender directly (if you know the sender). Do NOT use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group.
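The URL check described above can be made mechanical. As an added example that is not part of this page, the Python below compares a link's host name against a short list of trusted domains (the domains are constructed placeholders) and flags the tricks named above: the same name under a different top-level domain (.com vs. .net), a small spelling variation, and a trusted name reused as a subdomain of an unrelated site.

```python
from urllib.parse import urlsplit

# Constructed placeholders for the registrable domains a reader trusts
# (assumption: these are not the district's real domains).
TRUSTED = {"example-school.org", "google.com"}


def registrable_domain(host: str) -> str:
    """Last two labels of a host, e.g. 'docs.google.com' -> 'google.com'.
    Simplified: ignores multi-label public suffixes such as 'co.uk'."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one- or two-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_url(url: str) -> str:
    """Classify a link target as 'trusted', 'lookalike' or 'unknown'."""
    host = (urlsplit(url if "://" in url else "http://" + url).hostname or "").lower()
    if not host:
        return "unknown"
    domain = registrable_domain(host)
    if domain in TRUSTED:
        return "trusted"
    name, _, tld = domain.rpartition(".")
    for trusted in TRUSTED:
        t_name, _, t_tld = trusted.rpartition(".")
        # Same name under a different top-level domain (the .com vs .net case).
        if name == t_name and tld != t_tld:
            return "lookalike"
        # One or two characters away from a trusted domain (a misspelled lookalike).
        if edit_distance(domain, trusted) <= 2:
            return "lookalike"
        # Trusted name reused as a label or prefix of an unrelated domain.
        if trusted in host or t_name in host.split("."):
            return "lookalike"
    return "unknown"
```

A result of "unknown" is not a clean bill of health; it only means the host is not a close imitation of a domain on the trusted list.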

What do you do if you think you are a victim?

• If you believe you might have revealed sensitive information about your organization/department, report it to the tech department immediately. They can then watch for any suspicious or unusual activity.

• Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.

The links below show some phishing emails that were sent to LCS employees.

Please take the time to look at each one. Some seem very legitimate, such as requests for licensure information or an email that appears to come directly from Gmail. When in doubt, personally confirm the legitimacy of the request with the company or sender directly, and never by replying to that same sender using the contact information they provide.

Example 1
Example 2
Example 3
Example 4
Example 5
Example 6
Example 7